Inter-chip communication - Testing end-to-end security on IoT

Presented at DerbyCon 9.0 Finish Line (2019), Sept. 7, 2019, noon (45 minutes)

The evaluation of an embedded products end-to-end security can often be greatly improved by examining data communication at the circuit level via inter-chip communication as data passes thru an embedded device. So during this presentation we will be exploring inter-chip communication concepts. Focusing on mapping circuit layouts, capturing and decoding communication methodologies, and evaluation of end-to-end security concepts on IoT bridging devices used for remote Internet access to devices leveraging none routable Protocols. With the goals of identifying and understanding: The decoding of Inter-chip communication, End-to-End security validation, Identification of potential attack vectors & vulnerabilities, Device internal command structure, Weaponization of bridge devices

Presenters:

  • Deral Heiland / percent_x as Deral Heiland
    Deral Heiland, serves as a Research Lead (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field. Over the last 15+ years Deral’s career has focused on security research, penetration testing, and consulting. Deral has conducted security research on numerous subjects, releasing white papers, advisories, and has presented the information at conferences including Blackhat, Defcon, Shmoocon, DerbyCon. Deral has been interviewed by and quoted by media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, and MIT Technical Review.

Links:

Similar Presentations: